@@ -1,3 +1,7 @@

+Fri Mar 19 14:37:18 CET 2010 (tk)

+---------------------------------

+ * freshclam: add support for ExtraDatabase (bb#781)

+

 Tue Mar 16 04:11:02 CET 2010 (acab)

 -----------------------------------

  * win32: add sigtool upon request from 3rd party sigmakers

@@ -49,7 +49,8 @@ char *txtquery(const char *domain, unsigned int *ttl)

 	unsigned int cttl, size, txtlen = 0;

-    *ttl = 0;

+    if(ttl)

+	*ttl = 0;

     if(res_init() < 0) {

 	logg("^res_init failed\n");

 	return NULL;

@@ -136,7 +137,8 @@ char *txtquery(const char *domain, unsigned int *ttl)

     memcpy(txt, pt+1, txtlen);

     txt[txtlen] = 0;

-    *ttl = cttl;

+    if(ttl)

+	*ttl = cttl;

     return txt;

 }

@@ -1456,13 +1456,14 @@ static int buildcld(const char *tmpdir, const char *dbname, const char *newfile,

     return 0;

 }

-static int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, const struct optstruct *opts, const char *dnsreply, char *localip, int outdated, struct mirdat *mdat, int logerr)

+static int updatedb(const char *dbname, const char *hostname, char *ip, int *signo, const struct optstruct *opts, const char *dnsreply, char *localip, int outdated, struct mirdat *mdat, int logerr, int extra)

 {

 	struct cl_cvd *current, *remote;

 	const struct optstruct *opt;

 	unsigned int nodb = 0, currver = 0, newver = 0, port = 0, i, j;

 	int ret, ims = -1;

 	char *pt, cvdfile[32], localname[32], *tmpdir = NULL, *newfile, newdb[32], cwd[512];

+	char extradbinfo[64], *extradnsreply = NULL;

 	const char *proxy = NULL, *user = NULL, *pass = NULL, *uas = NULL;

 	unsigned int flevel = cl_retflevel(), remote_flevel = 0, maxattempts;

 	unsigned int can_whitelist = 0;

@@ -1477,7 +1478,7 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

 	mdat->dbflevel = current->fl;

     }

-    if(!nodb && dnsreply) {

+    if(!nodb && !extra && dnsreply) {

 	    int field = 0;

 	if(!strcmp(dbname, "main")) {

@@ -1506,8 +1507,43 @@ static int updatedb(const char *dbname, const char *hostname, char *ip, int *sig

 	    logg("^Invalid DNS reply. Falling back to HTTP mode.\n");

 	}

     }

+#ifdef HAVE_RESOLV_H

+    else if(!nodb && extra && !optget(opts, "no-dns")->enabled) {

+	snprintf(extradbinfo, sizeof(extradbinfo), "%s.cvd.clamav.net", dbname);

+	if((extradnsreply = txtquery(extradbinfo, NULL))) {

+	    if((pt = cli_strtok(extradnsreply, 1, ":"))) {

+		    int rt;

+		    time_t ct;

+

+		rt = atoi(pt);

+		free(pt);

+		time(&ct);

+		if((int) ct - rt > 10800) {

+		    logg("^DNS record is older than 3 hours.\n");

+		    free(extradnsreply);

+		    extradnsreply = NULL;

+		}

+	    } else {

+		logg("^No timestamp in TXT record for %s\n", cvdfile);

+		free(extradnsreply);

+		extradnsreply = NULL;

+	    }

+	    if((pt = cli_strtok(extradnsreply, 0, ":"))) {

+		if(!cli_isnumber(pt)) {

+		    logg("^Broken database version in TXT record for %s\n", cvdfile);

+		} else {

+		    newver = atoi(pt);

+		    logg("*%s version from DNS: %d\n", cvdfile, newver);

+		}

+		free(pt);

+	    } else {

+		logg("^Invalid DNS reply. Falling back to HTTP mode.\n");

+	    }

+	}

+    }

+#endif

-    if(dnsreply) {

+    if(dnsreply && !extra) {

 	if((pt = cli_strtok(dnsreply, 5, ":"))) {

 	    remote_flevel = atoi(pt);

 	    free(pt);

@@ -1814,7 +1850,7 @@ int downloadmanager(const struct optstruct *opts, const char *hostname, const ch

     memset(ipaddr, 0, sizeof(ipaddr));

-    if((ret = updatedb("main", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr)) > 50) {

+    if((ret = updatedb("main", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr, 0)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

@@ -1828,7 +1864,7 @@ int downloadmanager(const struct optstruct *opts, const char *hostname, const ch

 	updated = 1;

     /* if ipaddr[0] != 0 it will use it to connect to the web host */

-    if((ret = updatedb("daily", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr)) > 50) {

+    if((ret = updatedb("daily", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr, 0)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

@@ -1856,7 +1892,7 @@ int downloadmanager(const struct optstruct *opts, const char *hostname, const ch

 	    else

 		logg("*%s removed\n", safedb);

 	}

-    } else if((ret = updatedb("safebrowsing", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr)) > 50) {

+    } else if((ret = updatedb("safebrowsing", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr, 0)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

@@ -1882,7 +1918,7 @@ int downloadmanager(const struct optstruct *opts, const char *hostname, const ch

 	    else

 		logg("*%s removed\n", dbname);

 	}

-    } else if((ret = updatedb("bytecode", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr)) > 50) {

+    } else if((ret = updatedb("bytecode", hostname, ipaddr, &signo, opts, dnsreply, localip, outdated, &mdat, logerr, 0)) > 50) {

 	if(dnsreply)

 	    free(dnsreply);

@@ -1896,6 +1932,20 @@ int downloadmanager(const struct optstruct *opts, const char *hostname, const ch

     if(dnsreply)

 	free(dnsreply);

+    /* handle extra dbs */

+    if((opt = optget(opts, "ExtraDatabase"))->enabled) {

+	while(opt) {

+	    if((ret = updatedb(opt->strarg, hostname, ipaddr, &signo, opts, NULL, localip, outdated, &mdat, logerr, 1)) > 50) {

+		if(newver)

+		    free(newver);

+		mirman_write("mirrors.dat", &mdat);

+		return ret;

+	    } else if(ret == 0)

+		updated = 1;

+	    opt = opt->nextarg;

+	}

+    }

+

     mirman_write("mirrors.dat", &mdat);

     if(updated) {

@@ -346,6 +346,8 @@ const struct clam_option __clam_options[] = {

     { "CompressLocalDatabase", NULL, 0, TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_FRESHCLAM, "By default freshclam will keep the local databases (.cld) uncompressed to\nmake their handling faster. With this option you can enable the compression.\nThe change will take effect with the next database update.", "" },

+    { "ExtraDatabase", NULL, 0, TYPE_STRING, NULL, -1, NULL, FLAG_MULTIPLE, OPT_FRESHCLAM, "Download additional database. This option can be used multiple times.", "dbname1\ndbname2" },

+

     { "HTTPProxyServer", NULL, 0, TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM, "If you're behind a proxy, please enter its address here.", "your-proxy" },

     { "HTTPProxyPort", NULL, 0, TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_FRESHCLAM, "HTTP proxy's port", "8080" },